1 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited 2 * 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package org.springframework.security; 17 18 import java.io.Serializable; 19 20 import org.springframework.security.userdetails.UserDetails; 21 22 /** 23 * Represents an authority granted to an {@link Authentication} object. 24 * 25 * <p> 26 * A <code>GrantedAuthority</code> must either represent itself as a 27 * <code>String</code> or be specifically supported by an {@link 28 * AccessDecisionManager}. 29 * </p> 30 * 31 * <p> 32 * Implementations must implement {@link Comparable} in order to ensure that 33 * array sorting logic guaranteed by {@link UserDetails#getAuthorities()} can 34 * be reliably implemented. 35 * </p> 36 * 37 * @author Ben Alex 38 * @version $Id: GrantedAuthority.java 2735 2008-03-16 04:02:55Z benalex $ 39 */ 40 public interface GrantedAuthority extends Serializable, Comparable { 41 //~ Methods ======================================================================================================== 42 43 /** 44 * If the <code>GrantedAuthority</code> can be represented as a <code>String</code> and that 45 * <code>String</code> is sufficient in precision to be relied upon for an access control decision by an {@link 46 * AccessDecisionManager} (or delegate), this method should return such a <code>String</code>.<p>If the 47 * <code>GrantedAuthority</code> cannot be expressed with sufficient precision as a <code>String</code>, 48 * <code>null</code> should be returned. Returning <code>null</code> will require an 49 * <code>AccessDecisionManager</code> (or delegate) to specifically support the <code>GrantedAuthority</code> 50 * implementation, so returning <code>null</code> should be avoided unless actually required.</p> 51 * 52 * @return a representation of the granted authority (or <code>null</code> if the granted authority cannot be 53 * expressed as a <code>String</code> with sufficient precision). 54 */ 55 String getAuthority(); 56 }